Configure Networking: Difference between revisions

From Alpine Linux
(Added 'Connectivity failing / "ping: bad address"' section)
m (Amended 'group write denied' to 'group read denied'; amended grammar)
 
Line 263: Line 263:
</pre>
</pre>


Although in many cases {{ic|-rw----r--}} may appear to work ({{ic|chmod 604}}), having '<i>group write denied</i>' for this file could be insufficient in some environments e.g. for Docker, Nomad and container environments, etc.
Although in many cases {{ic|-rw----r--}} may appear to work ({{ic|chmod 604}}), having '<i>group read denied</i>' for this file could be insufficient in some environments e.g. for Docker, Nomad and container environments, etc.


The file may have been made immutable/unwritable, in which case its immutability will have to be temporarily suspended in order to to correct the permissions and/or ownership settings.  To test for immutability:
The file may have been made immutable/unwritable, in which case its immutability will have to be temporarily suspended in order to correct the permissions and/or ownership settings.  To test for immutability:
<pre>
<pre>
$ lsattr /etc/resolv.conf
$ lsattr /etc/resolv.conf

Latest revision as of 10:56, 27 October 2025

This page documents the steps to configure network in Alpine Linux using either Network setup-scripts or manually and to test your Internet access. Alpine Linux uses ifupdown-ng for managing its network configuration by default. For additional gui/tui networking tools NetworkManager can be used.

For Wireless, wpa_supplicant and iwd are available and both are fully supported in Alpine Linux. wpa_supplicant is the default wireless daemon and is configured as part of setup-interfaces script.

Tip: To setup basic networking quickly, use setup-interfaces script.

Network setup-scripts

A number of network related scripts are available from the alpine-conf package as part of Alpine setup scripts. These scripts can quickly configure various networking related options in Alpine Linux and satisfies most trivial configurations.

When installing Alpine linux, the setup-alpine script interactively calls the scripts to setup networking.

setup-interfaces

This script can be used to configure ethernet, wireless, bridge, bond and vlan interfaces and will satisfy most trivial configurations. Start the script by running the command:

# setup-interfaces

Available interfaces are: eth0 wlan0.
Enter '?' for help on bridges, bonding and vlans.
Which one do you want to initialize? (or '?' or 'done') [eth0]

choose eth0 for Ethernet or wlan0 for wireless device, as appropriate.

if asked: 

Ip address for eth0? (or 'dhcp', 'none', '?') [dhcp]

choose dhcp, if you are using dhcp.

Now it will ask Do you to do any manual network configuration? (y/n) [n]

In most cases, you can accept the default option n . Choosing y will open the /etc/network/interfaces file for editing in vi editor to proceed with manual network configuration.

The above script configures Networking service, starts the service and adds it to the boot run level.

If your networking needs are more advanced, refer to the following detailed guide for manual network configuration.

Setting hostname

To set the system hostname:

# echo "shortname" > /etc/hostname

Then, to activate the change:

# hostname -F /etc/hostname

If you're using IPv6, you should also add the following special IPv6 addresses to your /etc/hosts file:

Contents of /etc/hosts

... ::1 localhost ipv6-localhost ipv6-loopback fe00::0 ipv6-localnet ff00::0 ipv6-mcastprefix ff02::1 ipv6-allnodes ff02::2 ipv6-allrouters ff02::3 ipv6-allhosts
Tip: If you're going to use automatic IP configuration, such as IPv4 DHCP or IPv6 Stateless Autoconfiguration, you can skip ahead to Configuring DNS. Otherwise, if you're going to use a static IPv4 or IPv6 address, continue below.

For a static IP configuration, it's common to also add the machine's hostname you just set (above) to the /etc/hosts file.

Here's an IPv4 example:

Contents of /etc/hosts

... 192.168.1.150 shortname.domain.com ...

And here's an IPv6 example:

Contents of /etc/hosts

... 2001:470:ffff:ff::2 shortname.domain.com ...

Configuring DNS

Tip: For users of IPv4 DHCP: Please note that /etc/resolv.conf will be completely overwritten with any nameservers provided by DHCP. If DHCP does not provide any nameservers, then /etc/resolv.conf will still be overwritten, but will not contain any nameservers!

For a static IP address and static nameservers, use one of the following examples.

For IPv4 nameservers, edit your /etc/resolv.conf file to look like this:
The following example uses Google's Public DNS servers.

Contents of /etc/resolv.conf

nameserver 8.8.8.8 nameserver 8.8.4.4

For IPv6 nameservers, edit your /etc/resolv.conf file to look like this:
The following example uses Hurricane Electric's public DNS server.

Contents of /etc/resolv.conf

nameserver 2001:470:20::2

You can also use Hurricane Electric's public IPv4 DNS server:

Contents of /etc/resolv.conf

nameserver 74.82.42.42
Tip: If you decide to use Hurricane Electric's nameserver, be aware that it is 'Google-whitelisted'. What does this mean? It allows you access to many of Google's services via IPv6. (Just don't add other, non-whitelisted, nameservers to /etc/resolv.conf — ironically, such as Google's Public DNS Servers.) Read here for more information.

Interface configuration

See also: Wi-Fi

Manual interface configuration is explained in the following sections to meet non-trivial networking requirements. In the following configuration examples, the device name used is eth0. It can be substituted by appropriate device names like wlan0 for wireless etc..

Loopback configuration

To configure loopback, add the following to the file /etc/network/interfaces:

Contents of /etc/network/interfaces

auto lo iface lo inet loopback

The above works to set up the IPv4 loopback address (127.0.0.1), and the IPv6 loopback address (::1) — if you enabled IPv6.

Note: For Busybox ifupdown, loopback configuration must appear first in /etc/network/interfaces file to prevent networking issues.

DHCP configuration

A basic configuration for a desktop computer appears as follows:

Contents of /etc/network/interfaces

... auto eth0 iface eth0 use dhcp

Refer busybox DHCP client udhcpc page for additional configuration options. If dhcpcd is installed, with ifupdown-ng, DHCPv6 will also be used as dhcpcd interacts with both DHCPv4 and DHCPv6 from the same process.

IPv6 stateless autoconfiguration

With IPv6, stateless auto-configuration is typically used to configure network interfaces. If you are not interested in using IPv4 at all, you can simply use the ipv6-ra executor to ensure that an interface is configured to accept IPv6 RA advertisements:

Contents of /etc/network/interfaces

... auto eth0 iface eth0 use ipv6-ra

Static address configuration

Add the following to the file /etc/network/interfaces:

Contents of /etc/network/interfaces

... auto eth0 iface eth0 address 203.0.113.2/24 gateway 203.0.113.1

Multiple address

Contents of /etc/network/interfaces

... auto eth0 iface eth0 address 203.0.113.2/24 address 203.0.113.3/24 address 203.0.113.4/24 gateway 203.0.113.1

Dual-stack configuration

This example shows a dual-stack configuration.

Contents of /etc/network/interfaces

... auto eth0 iface eth0 address 203.0.113.2/24 address 203.0.113.3/24 address 203.0.113.4/24 gateway 203.0.113.1 address 2001:db8:1000:2::2/64 address 2001:db8:1000:2::3/64 address 2001:db8:1000:2::4/64 gateway 2001:db8:1000:2::1

Networking service

Tip: If Wi-Fi is used, follow the instructions mentioned on those pages.

Changes made to /etc/network/interfaces related to ethernet can be activated by running:

# rc-service networking restart

To start (or restart) the networking service:

# rc-service networking --quiet start &

To add networking service so that it starts on boot:

# rc-update add networking boot

Advanced network configuration

Busybox ifupdown

If the default ifupdown-ng is uninstalled, the Busybox ifupdown gets used. Busybox ifupdown syntax is slightly different from ifupdown-ng, but ifupdown-ng fully supports Busybox ifupdown syntax.

The CIDR notation 203.0.113.2/24 is not supported by BusyBox ifupdown, so for IP address use subnet mask notation i.e 203.0.113.2/255.255.255.0.

The interface configuration file /etc/network/interfaces for DHCP with Busybox ifupdown syntax appears as follows:

Contents of /etc/network/interfaces

... auto eth0 iface eth0 inet dhcp

For static IP address, use the word static instead of dhcp and provide ip address as shown:

Contents of /etc/network/interfaces

... auto eth0 iface eth0 inet static address 203.0.113.2 netmask 255.255.255.0

Change network interface name

To change interface names from default eth0 or wlan0, refer appropriate device manager pages i.e eudev or mdev.

Alternately, if ifupdown-ng is used, to set network interface name as dmz for a MAC address 00:11:22:33:44:55 add the following pre-up command to your file /etc/network/interfaces as follows:

Contents of /etc/network/interfaces

... auto dmz iface dmz inet dhcp pre-up nameif -s dmz 00:11:22:33:44:55

Change MAC or hw address

If ifupdown-ng is used, to set the MAC or hw address as de:ad:be:ef:ca:fe for wlan0 interface, add the following pre-up command to the relevant interface configuration stanza in the file /etc/network/interfaces as follows:

Contents of /etc/network/interfaces

... auto wlan0 iface wlan0 inet dhcp pre-up ip link set $IFACE addr de:ad:be:ef:ca:fe

Troubleshooting

Connectivity testing

Test if networking is configured properly by attempting to ping out:

$ ping www.google.com PING www.l.google.com (74.125.47.103) 56(84) bytes of data. 64 bytes from yw-in-f103.1e100.net (74.125.47.103): icmp_seq=1 ttl=48 time=58.5 ms 64 bytes from yw-in-f103.1e100.net (74.125.47.103): icmp_seq=2 ttl=48 time=56.4 ms 64 bytes from yw-in-f103.1e100.net (74.125.47.103): icmp_seq=3 ttl=48 time=57.0 ms 64 bytes from yw-in-f103.1e100.net (74.125.47.103): icmp_seq=4 ttl=48 time=60.2 ms ^C --- www.l.google.com ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3007ms rtt min/avg/max/mdev = 56.411/58.069/60.256/1.501 ms

For an IPv6 traceroute run traceroute6:

$ traceroute6 ipv6.google.com traceroute to ipv6.l.google.com (2001:4860:8009::67) from 2001:470:ffff:ff::2, 30 hops max, 16 byte packets 1 2001:470:ffff:ff::1 (2001:470:ffff:ff::1) 3.49 ms 0.62 ms 0.607 ms 2 * * * 3 * * * 4 pr61.iad07.net.google.com (2001:504:0:2:0:1:5169:1) 134.313 ms 95.342 ms 88.425 ms 5 2001:4860::1:0:9ff (2001:4860::1:0:9ff) 100.759 ms 100.537 ms 89.907 ms 6 2001:4860::1:0:5db (2001:4860::1:0:5db) 115.563 ms 102.946 ms 106.191 ms 7 2001:4860::2:0:a7 (2001:4860::2:0:a7) 101.754 ms 100.475 ms 100.512 ms 8 2001:4860:0:1::c3 (2001:4860:0:1::c3) 99.272 ms 111.989 ms 99.835 ms 9 yw-in-x67.1e100.net (2001:4860:8009::67) 101.545 ms 109.675 ms 99.431 ms

iproute2

Install the iproute2 package which provides the 'ss' command which is an alternate to netstat.:

# apk add iproute2

Show listening tcp ports:

$ ss -tl

Show listening tcp ports and associated processes:

$ ss -ptl

Show listening and established tcp connections:

$ ss -ta

Show socket usage summary:

$ ss -s

Show more options:

$ ss -h

drill

Install drill (it will also install the 'ldns' package) which is a superior replacement for nslookup and dig etc:

# apk add drill

Then use it as you would for dig:

$ drill alpinelinux.org @8.8.8.8

To perform a reverse lookup (get a name from an IP) use the following syntax:

$ drill -x 8.8.8.8 @208.67.222.222

Missing interface

To list your available network interfaces use the commands ip link or ip a. Refer to Wifi troubleshooting page for issues related to wireless interfaces. If nothing works, you may have to use an alternate interface (e.g. a usb to ethernet adapter).

Connectivity failing / "ping: bad address"

If pings fail, a possible reason may have been improper permissions or ownership of /etc/resolv.conf, perhaps due to a backup being restored without these being set correctly. Test for these: 

$ ls /etc/resolv.conf
-rw-r--r--    1 root  root    845 Oct 24 23:58 /etc/resolv.conf

The above output is appropriate: -rw-r--r-- permissions, with root:root ownership. Otherwise, one would need to reset whatever is required: 

doas chmod 644 /etc/resolv.conf
doas chown root:root /etc/resolv.conf

Although in many cases -rw----r-- may appear to work (chmod 604), having 'group read denied' for this file could be insufficient in some environments e.g. for Docker, Nomad and container environments, etc.

The file may have been made immutable/unwritable, in which case its immutability will have to be temporarily suspended in order to correct the permissions and/or ownership settings. To test for immutability: 

$ lsattr /etc/resolv.conf
----i--------e- /etc/resolv.conf

The output in such an installation demonstrates an 'i', which confirms immutability. In such cases:

  1. Remove immutability temporarily with doas chattr -i /etc/resolv.conf
  2. Reset permissions and/or ownership, as per the above
  3. Restore immutability: doas chattr +i /etc/resolv.conf

Regarding immutability, the aforementioned udhcpc page delves deeper on the matter of overwriting resolv.conf.

See also

You may also wish to review the following network related articles:

Retrieved from "https://wiki.alpinelinux.org/w/index.php?title=Configure_Networking&oldid=31286"